Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/vyXz4tYDiy01C-tP-2djzJr0Hgw.roa
File: vyXz4tYDiy01C-tP-2djzJr0Hgw.roa (raw, json)
Hash identifier: oasFrVMvy3GysCGryrunOBXin/I3tcz3ccrPyqxR6Rw=
Subject key identifier: BF:25:F3:E2:D6:03:8B:2D:35:0B:EB:4F:FB:67:63:CC:9A:F4:1E:0C
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 01831011A37B6584621B62AF0341CDEFE266
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/vyXz4tYDiy01C-tP-2djzJr0Hgw.roa
Signing time: Mon 05 Sep 2022 23:52:14 +0000
ROA not before: Mon 05 Sep 2022 23:52:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210590
IP address blocks: 2a0f:5707:111::/48 maxlen: 48
2a0f:5707:1000::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:10:11:a3:7b:65:84:62:1b:62:af:03:41:cd:ef:e2:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Sep 5 23:52:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf25f3e2d6038b2d350beb4ffb6763cc9af41e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:a7:14:7b:1c:2c:86:fb:ed:73:a3:2f:6c:
9e:30:3a:2f:e4:68:b4:8b:39:8f:ec:30:55:9d:6a:
b1:aa:3f:23:a5:da:87:20:40:13:b5:09:67:89:ff:
59:50:aa:df:58:27:1a:42:8b:9b:cc:e9:63:0c:66:
80:6a:17:40:8e:63:4b:0f:5a:e7:c6:48:2c:a4:3f:
e4:7f:0c:30:8f:8e:86:1a:b7:d4:d4:66:c7:74:72:
f5:e9:ed:98:9a:2a:af:2c:fd:62:3b:77:01:23:6f:
41:45:6f:e2:16:db:b3:9c:87:91:75:b1:34:7a:99:
4e:fa:82:4d:17:81:72:2d:4d:aa:1e:78:77:92:c5:
a2:f8:5c:2b:ba:ab:b1:26:d7:3f:89:96:ec:c1:6d:
3e:26:b9:89:47:ec:c4:88:a9:93:8f:51:f7:7c:b6:
f1:2a:ee:c0:57:4f:1b:37:7a:95:d2:97:b7:2f:93:
f0:0a:64:8a:12:6d:6b:69:b5:d9:31:cc:88:a8:24:
12:22:ca:e4:74:a2:89:16:4d:d6:c7:42:36:a1:2c:
7e:e4:81:30:e6:3d:11:d0:84:c8:a5:31:e5:33:63:
58:58:70:77:4b:a8:e6:5d:cf:35:28:cb:04:e7:4c:
3c:57:28:28:f0:7a:d1:8e:c0:38:a5:b9:98:8a:75:
43:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:25:F3:E2:D6:03:8B:2D:35:0B:EB:4F:FB:67:63:CC:9A:F4:1E:0C
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/vyXz4tYDiy01C-tP-2djzJr0Hgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:111::/48
2a0f:5707:1000::/44
Signature Algorithm: sha256WithRSAEncryption
56:e6:ad:52:f5:6d:b4:84:d5:33:94:b7:fa:ac:7b:3a:8e:cc:
bd:3a:43:e5:45:04:71:d8:91:fb:ad:12:67:94:b6:e6:59:95:
1f:b9:e4:52:8b:f8:28:38:73:00:e6:6f:3d:c6:7a:2d:0b:05:
40:da:a8:46:e6:f1:2f:34:aa:b0:c3:3d:4f:b6:e4:6f:ea:8a:
5b:4e:aa:87:04:e9:73:90:27:15:6d:84:c9:69:c0:cf:01:b4:
61:c5:38:f6:10:72:7b:ac:f0:82:a0:81:ea:7a:1c:e6:74:6c:
b8:5e:60:f6:29:5a:21:00:9f:70:15:5d:15:ec:f3:f6:e1:69:
d4:6e:07:a0:2f:c8:44:78:13:34:fd:3a:9a:59:ab:5f:e1:29:
32:b3:30:8f:66:6a:61:c8:18:5a:13:9f:c6:bf:95:78:56:17:
d5:2f:60:45:30:f9:3f:dd:e0:31:c7:c4:bd:f6:e5:67:bb:b1:
1b:76:52:0b:09:67:e9:91:d9:e0:b7:fd:ce:2b:41:79:02:55:
85:e3:40:47:58:7e:47:61:cc:d3:53:b8:a1:b7:d6:36:ca:7b:
b1:9d:b4:70:46:45:2f:24:80:61:bd:46:bc:56:7f:0e:70:f6:
d7:3b:ea:f9:30:57:76:64:d1:3c:03:11:03:c3:29:51:d9:f2:
48:2b:aa:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYMQEaN7ZYRiG2KvA0HN7+JmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjIwOTA1MjM1MjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjI1ZjNlMmQ2MDM4YjJkMzUwYmViNGZmYjY3NjNjYzlhZjQxZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsinFHscLIb77XOjL2yeMDov5Gi0
izmP7DBVnWqxqj8jpdqHIEATtQlnif9ZUKrfWCcaQoubzOljDGaAahdAjmNLD1rn
xkgspD/kfwwwj46GGrfU1GbHdHL16e2YmiqvLP1iO3cBI29BRW/iFtuznIeRdbE0
eplO+oJNF4FyLU2qHnh3ksWi+FwruquxJtc/iZbswW0+JrmJR+zEiKmTj1H3fLbx
Ku7AV08bN3qV0pe3L5PwCmSKEm1rabXZMcyIqCQSIsrkdKKJFk3Wx0I2oSx+5IEw
5j0R0ITIpTHlM2NYWHB3S6jmXc81KMsE50w8Vygo8HrRjsA4pbmYinVD2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL8l8+LWA4stNQvrT/tnY8ya9B4MMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvdnlYejR0WURpeTAxQy10UC0yZGp6SnIwSGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg9XBwER
AwcEKg9XBxAAMA0GCSqGSIb3DQEBCwUAA4IBAQBW5q1S9W20hNUzlLf6rHs6jsy9
OkPlRQRx2JH7rRJnlLbmWZUfueRSi/goOHMA5m89xnotCwVA2qhG5vEvNKqwwz1P
tuRv6opbTqqHBOlzkCcVbYTJacDPAbRhxTj2EHJ7rPCCoIHqehzmdGy4XmD2KVoh
AJ9wFV0V7PP24WnUbgegL8hEeBM0/TqaWatf4SkyszCPZmphyBhaE5/Gv5V4VhfV
L2BFMPk/3eAxx8S99uVnu7EbdlILCWfpkdngt/3OK0F5AlWF40BHWH5HYczTU7ih
t9Y2ynuxnbRwRkUvJIBhvUa8Vn8OcPbXO+r5MFd2ZNE8AxEDwylR2fJIK6q4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org